Lucene search

Directadmin Security Vulnerabilities

cve

CVE-2006-2153

Cross-site scripting (XSS) vulnerability in HTM_PASSWD in DirectAdmin Hosting Management allows remote attackers to inject arbitrary web script or HTML via the domain parameter.

5.7AI Score

0.007EPSS

2006-05-03 10:02 AM

cve

CVE-2006-5983

Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software DirectAdmin 1.28.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) user parameter to (a) CMD_SHOW_RESELLER or (b) CMD_SHOW_USER in the Admin level; the (2) TYPE parameter to (c) CMD_TICKET_CREAT...

5.4AI Score

0.007EPSS

2006-11-20 09:07 PM

cve

CVE-2007-1508

Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin allows remote attackers to inject arbitrary web script or HTML via the RESULT parameter, a different vector than CVE-2006-5983.

5.6AI Score

0.007EPSS

2007-03-20 10:19 AM

cve

CVE-2007-1926

Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properly display log files, which allows remote authenticated users to inject arbitrary web script or HTML via (1) http or (2) ftp requests logged in /var/log/directadmin/security.log; (3) allows context-dep...

5.5AI Score

0.011EPSS

2007-04-10 11:19 PM